openSUSE Security Update : procps (openSUSE-2018-685)

High Nessus Plugin ID 110830

Synopsis

The remote openSUSE host is missing a security update.

Description

This update for procps fixes the following security issues :

- CVE-2018-1122: Prevent local privilege escalation in top. If a user ran top with HOME unset in an attacker-controlled directory, the attacker could have achieved privilege escalation by exploiting one of several vulnerabilities in the config_file() function (bsc#1092100).

- CVE-2018-1123: Prevent denial of service in ps via mmap buffer overflow. Inbuilt protection in ps maped a guard page at the end of the overflowed buffer, ensuring that the impact of this flaw is limited to a crash (temporary denial of service) (bsc#1092100).

- CVE-2018-1124: Prevent multiple integer overflows leading to a heap corruption in file2strvec function.
This allowed a privilege escalation for a local attacker who can create entries in procfs by starting processes, which could result in crashes or arbitrary code execution in proc utilities run by other users (bsc#1092100).

- CVE-2018-1125: Prevent stack-based buffer overflow in pgrep. This vulnerability was mitigated by FORTIFY limiting the impact to a crash (bsc#1092100).

- CVE-2018-1126: Ensure correct integer size in proc/alloc.* to prevent truncation/integer overflow issues (bsc#1092100).

This update was imported from the SUSE:SLE-12:Update update project.

Solution

Update the affected procps packages.

See Also

https://bugzilla.opensuse.org/show_bug.cgi?id=1092100

Plugin Details

Severity: High

ID: 110830

File Name: openSUSE-2018-685.nasl

Version: 1.3

Type: local

Agent: unix

Published: 2018/07/02

Modified: 2018/09/06

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:libprocps3, p-cpe:/a:novell:opensuse:libprocps3-debuginfo, p-cpe:/a:novell:opensuse:procps, p-cpe:/a:novell:opensuse:procps-debuginfo, p-cpe:/a:novell:opensuse:procps-debugsource, p-cpe:/a:novell:opensuse:procps-devel, cpe:/o:novell:opensuse:42.3

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2018/06/29

Reference Information

CVE: CVE-2018-1122, CVE-2018-1123, CVE-2018-1124, CVE-2018-1125, CVE-2018-1126

IAVA: 2018-A-0174